Introduces CUPS Packaging with Snapcraft and Rockcraft

[rudra-iitm]

This PR enhances the packaging process for CUPS by introducing two distinct methods for deployment:

1. Snapcraft: Packages CUPS as a Snap, already maintained by @tillkamppeter in the OpenPrinting/cups-snap repository.
2. Rockcraft: Adds the necessary code and configurations to build and deploy an OCI image of CUPS using Rockcraft.

Key Changes

Packages Configuration

• Added packages/rockcraft.yaml, containing all the configurations required to build the Rock for CUPS.
• Added packages/snapcraft.yaml, containing all the configurations required for the CUPS Snap.

GitHub Workflows

• Introduced packages-ci.yml workflow to build and test the Rockcraft and Snapcraft packages.
• Added the auto-update.yml workflow with the latest changes from desktop-snaps#813.
• Implemented a CI pipeline (registry-actions.yml) to automatically push newly built Docker images to GitHub Packages.
  (Note: Publishing to Docker Hub is commented out until OpenPrinting's Docker Hub setup is finalized.)

Testing Instructions

• Added TESTING.md with detailed instructions on how to test the CUPS Rock package.

[michaelrsweet]

Thanks for this, will probably have a chance to start reviewing this tomorrow...

[michaelrsweet]

Thanks for this! In general this looks OK, but there is still some reorg/refactoring to do to make this supportable in the long term - see the comments for some specific issues.

I would like to see some of the sub-directories like "scripts" to be renamed. For example, scripts for the Snap packaging could be placed under "snap-scripts" or "snap/scripts". The "packaging" directory also has packaging files for RPM and EPM already, and you have mixed both snap-specific and OCI-specific content together which is confusing, sometimes with almost identical names.

All of the scripts should have both a copyright/license header (see DEVELOPING.md) and a short description of what they do and where they are used. There are a lot of moving parts here, and we have a lot of developers poking around at various times. A little bit of documentation and organization goes a long way towards maintaining a project over 25+ years...

[michaelrsweet]

So these should probably have a leading / (for that matter, so should container-config above).

[michaelrsweet]

Since the packaging directory is about more than just making Snap or OCI images, this should either have a different name or mention the EPM list and RPM spec files as well. Ditto for the TESTING.md file.

[tillkamppeter]

Yes, that is right, the README.md at the top of packaging/ should cover all contained packaging methods. Or one makes subdirectories, packaging/rpm, packaging/epm, packaging/snap, ... Each one having their own README.md files then.

[rudra-iitm]

In this case, we can have two README files: one for Snap and the other for Rock, named SNAP.md and ROCK.md, respectively, inside the packaging directory.

[michaelrsweet]

I would feel more comfortable having this in a separate OpenPrinting repository, version it, and then import the corresponding sources when building the snap/OCI image.

[tillkamppeter]

These C programs, cups-proxyd and scripts/port-occupied are only for the Snap and OCI packaging and do not make sense separately. So they are a little bit like the scripts the package uses at run time, but they are written in C as writing these as scripts is awkward or even impossible. To avoid clutter in OpenPrinting's GitHub site (unfortunately GitHub does not allow to organize the repos in something directory-tree-like) I have kept them being a part of cups-snap and the most intuitive is to move cups-snap into the CUPS repository altogether instead of creating 2 new mini repos for the 2 C programs and only moving the scripts and snapcraft.yaml into CUPS. So the attempt of doing reduction of clutter on the OpenPrinting GitHub leads to even more clutter.

Perhaps it could be arranged differently, as CUPS (2.x) already has several directories for C source code (systemv, ppdc, ...) one could have an extra C source directory at the top level or under packaging/ holding these C helper programs and they having a Makefile using the build system of CUPS itself, making use of ./configure and Makedefs.

Or should we alternatively not move the packaging repos into CUPS so that they hold the C files by themselves. This would be ugly as we have 2 packaging methods sharing the C files, and so to not create said min repos for each of the C programs, having the 2 packaging methods in one repo which is ugly again.

[michaelrsweet]

Is this a generic change that should always be applied? If so, apply it and don't patch around issues in the "upstream" code (now that this will be upstream).

If we need this to be configurable, make it configurable.

[tillkamppeter]

Yes, there should not be any patches in a repo which patch anything in the same repo. Whatever gets patched here has to be done right in the first place, or be configurable if the patch is only applied for special cases.

This patch is always applied when we build the Snap and the code it patches is only relevant for the snapped CUPS, so, @rudra-iitm , here you should directly modify the file scheduler/auth.c to use cups-server instead of cups-control.

Please also check with other patches should you have moved some into the CUPS repo.

[michaelrsweet]

Please report this issue - we need to fix that and not work around bugs.

GNU TLS is an order of magnitude slower on most platforms than OpenSSL or LibreSSL.

[tillkamppeter]

@rudra-iitm first, please re-check whether the problem is still there (build with this line commented out and see whether the web interface is working correctly).

If not, there is really a bug in the Linux version of whatever SSL CUPS is using by default.

As there are both OpenSSL and LibreSSL you could even include one of these alternatives in the Snap, the one where the bug does not occur ...

[michaelrsweet]

This isn't exactly a script, and should probably be in a separate repo (you could probably create a cups-container repository or something to hold all these helper programs) rather than putting it under the packaging directory.

[tillkamppeter]

@rudra-iitm See above with cups-proxyd.

[michaelrsweet]

There needs to be a way to disable cups-browsed.

[tillkamppeter]

The best way is to move cups-browsed into its own Snap.

Generally it will go away with CUPS 3.x, but for the short remaining life time of CUPS 2.x we should do something about it.

cups-browsed in its own Snap would be the most elegant solution, do not install that Snap if all your print dialogs are nicely doing CPDB and so cope with temporary printers, install it if you still have to cope with broken print dialogs.

If we keep cups-browsed in the CUPS Snap, we need a way to make it easier than sudo snap disable cups.cups-browsed for the users of the CUPS Snap to turn off cups-browsed.

[michaelrsweet]

This is confusing - I'm assuming this is for the OCI image and the "run-cupsd" is for the Snap? The snap and Rock-specific stuff needs to be separated.

[tillkamppeter]

@rudra-iitm you need to use subdirectories and directory names to make clear what belongs to the Snap and what to the Rock ...

[tillkamppeter]

@rudra-iitm the needed copyright/license header is as described in DEVELOPING.md, same text content as CUPS' own files. We want to have everything under the same license (Apache 2.0 with exceptions) so you overtake the content of the other file's license headers. The copyright of the snapping is by me and of the Rock is by you and me (as you have overtaken parts of the Snap). AFAIR I had issued the snapping under the same license as CUPS is, if not, you have my permission to change the license to be the same as CUPS.

[rudra-iitm]

@tillkamppeter Do we really need to apply this patch? The code that applies this patch is commented out in snapcraft.yaml. If the patch isn't necessary, we could simply remove the file.